From the attacker’s perspective, creating ways to maintain access to a compromised website is desirable. This allows them to further distribute malware and perform different kinds of malicious activities.
One of the ways attackers try to secure their access is by adding admin users, or pieces of malicious code throughout the site. This allows them to regain access easily, if needed. However, we recently found a unique way to achieve this kind of breach.